Microsoft says Chinese hackers exploited breach in corporate email system

    A cyber espionage group linked to China has remotely looted mailboxes using flaws recently discovered in Microsoft’s server software.

    The information was released last Tuesday (2) by the company and external researchers, and is an example of how commonly used programs can be exploited to cast a wide net online.

    Microsoft said the hackers’ action made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it calls HAFNIUM, which it described as an entity sponsored by China, but which operates outside the country.

    In a separate publication, cybersecurity company Volexity said that in January it saw hackers use one of the vulnerabilities to remotely steal “the entire contents of multiple user mailboxes”.

    All they needed to know was the details of the Exchange server and the account they wanted to loot, said Volexity. Microsoft has already released fixes for the flaws.

    Exchange is Microsoft’s email service used for corporate or student email accounts.

    “Exchange Server is used primarily by corporate customers, and we have no evidence that hackers’ activities target individual consumers or that these attacks have an impact on other Microsoft products,” said Tom Burt, corporate vice president at Microsoft.

    China is opposed to all forms of cyber attacks, China’s Foreign Ministry spokesman Wang Wenbin told a news conference in Beijing on Wednesday.

    “China wants the media and relevant companies to take a professional and responsible attitude and base the characterizations of cyber attacks on ample evidence, rather than unfounded assumptions and accusations,” he said.

    Before Microsoft’s announcement, the hackers’ increasingly aggressive moves had begun to attract the attention of the cybersecurity community.

    Mike McLellan, director of intelligence at Dell Technologies’ Secureworks, said that prior to Microsoft’s announcement he noticed a sudden spike in Exchange server activity on Sunday night, with about 10 customers affected at his company.

    Microsoft’s suite of products has come under scrutiny since the attack on SolarWinds, the Texas-based software company that served as a springboard for various government and private sector intrusions.

    In other cases, hackers have taken advantage of the way customers have configured their Microsoft services to compromise their targets or to dive further into the affected networks.

    The hackers who pursued SolarWinds also breached Microsoft itself, accessing and downloading source code – including elements of Exchange, the company’s email and calendar product.

    McLellan said that, for the time being, the hacking activity he saw seemed focused on spreading malicious software and preparing the ground for a potentially deeper intrusion, rather than aggressively moving into networks right away.

    “We haven’t seen any subsequent activity yet,” he said. “We will find many companies affected, but fewer companies actually exploited.”

    Microsoft said the targets include infectious disease researchers, law firms, higher education institutions, defense companies, policy think tanks and non-governmental groups.
